Solved

Basic Network VLAN and Subnet Architecture Advice, Please

Posted on 2014-10-29
Last Modified: 2014-11-01
We are looking at redesigning our network core with some new VLANs and subnets (something much easier to manage than what we have now). I'm looking for some guidance, or at least a 'thumbs up' on what we're doing. Thanks!

Current Plan:

VLAN 100 - 172.16.100.0/22
Desktops, laptops, smartphones, end user devices, etc.

VLAN 110 - 172.16.110.0/23
VDI machines

VLAN 120 - 172.16.120.0/24
VoIP Phones

VLAN 130 - 172.16.130.0/24
VM Servers, ESXi hosts, SANs

VLAN 140 - 172.16.140.0/24
Network devices, switches, routers, etc.

VLAN 150 - 172.16.150.0/24
Printers


Note: This is a fiber channel network, so the hosts and SANs will have a couple FC and several gigabit NICs.

Is this a decent plan?
Do you think there is an issue with putting ESXi hosts and SANs in the same VLAN/subnet as VM servers?
Should printers and end user devices be split up?

Any other thoughts or advice are welcomed.
0
Question by:Paul Wagner
3 Comments
 

Assisted Solution

by:Neil Russell
Neil Russell earned 150 total points
ID: 40411966
Put your management networks separate. Have a VLAN for VM Servers and a separate one for HOSTS/SANs.
What about VMOTION?
Why /22 and /23 Networks? /24's do just fine across the board.
0
 

Author Comment

by:Paul Wagner
ID: 40412012
What is the benefit to separating the hosts/SANs from the servers?

I do have one set aside for vmotion. Just didn't list it. Good eye, though.

/22 and /23 are because I will need more than 254 IP's for each respective subnet.
0
 

Accepted Solution

by:
Akinsd earned 350 total points
ID: 40412571
VLAN or subnetting structures are design preferences per se.

The main considerations for subnetting are:
1. Ease of management (sales VLAN, management VLAN, managers VLAN, server VLANs, HR VLAN, etc.) - apply rules per VLAN
2. Security (e.g. finance VLAN, executive VLAN) - where you can allow access as desired
3. Performance (subnets with 510 or fewer hosts are generally recommended to reduce broadcast storms, congestion, collisions, packet loss, etc.)

With that said, there is no general rule, but it is usually recommended to separate your server VLANs from other VLANs for the same reasons mentioned above. If none of the above will impact your topology, it is not a crime to lump everything together in one VLAN. It is kind of similar to having an Admin building or Admin floor separate from other staff buildings or floors. At the same time, there are companies that have both admin and general staff all in the same place.

Bottom line, it is simply based on informed design preference.

Your setup looks good if it serves the purpose intended.
You are doing architectural design and that must be focused on your goals.
Start by setting up goals for your network
Then design your network based on the goals set.
If your design meets or satisfies your goals, then you have a perfect topology. The other main point to always take into consideration is room for growth (put a real figure on projected growth and make room for it in your design), e.g. in 5 years, the company is expected to triple its size and expand by adding 3 branches or sites.

I believe you get the logic. Consult your Business Intelligence office, or CEO or any executive to have a clear understanding of the business objective. This will help you set your goals, which in turn will help you design a perfect topology.
0
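Added example (not part of the original thread): the plan posted in the question can be checked with Python's `ipaddress` module for prefix alignment, overlapping ranges, the 510-host guideline from the accepted answer, and projected growth. The `audit` function, the default growth factor of 3 and the host counts in the usage line are assumptions made for illustration.

```python
import ipaddress

# Plan as posted in the question: VLAN id -> (subnet, role).
PLAN = {
    100: ("172.16.100.0/22", "end-user devices"),
    110: ("172.16.110.0/23", "VDI machines"),
    120: ("172.16.120.0/24", "VoIP phones"),
    130: ("172.16.130.0/24", "VM servers, ESXi hosts, SANs"),
    140: ("172.16.140.0/24", "network devices"),
    150: ("172.16.150.0/24", "printers"),
}

MAX_HOSTS = 510  # per-subnet guideline quoted in the accepted answer


def audit(plan, current_hosts=None, growth=3, max_hosts=MAX_HOSTS):
    """Return a list of (vlan, finding) tuples for a VLAN/subnet plan."""
    current_hosts = current_hosts or {}
    findings, seen = [], {}
    for vlan, (cidr, _role) in sorted(plan.items()):
        try:
            # strict=True rejects a prefix whose host bits are set,
            # i.e. a network address that is not aligned to its mask.
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            findings.append((vlan, f"invalid: {exc}"))
            continue
        usable = net.num_addresses - 2  # minus network and broadcast
        if usable > max_hosts:
            findings.append((vlan, f"broadcast domain {usable} > {max_hosts}"))
        need = current_hosts.get(vlan, 0) * growth
        if need > usable:
            findings.append((vlan, f"growth needs {need}, only {usable} usable"))
        for other, other_net in seen.items():
            if net.overlaps(other_net):
                findings.append((vlan, f"overlaps VLAN {other} ({other_net})"))
        seen[vlan] = net
    return findings


if __name__ == "__main__":
    # Host counts below are constructed sample values, not from the thread.
    for vlan, finding in audit(PLAN, current_hosts={100: 600, 110: 300, 120: 80}):
        print(f"VLAN {vlan}: {finding}")
```

With no host counts supplied, the only finding for the posted plan is that the /22 on VLAN 100 exceeds the 510-host guideline; all six prefixes are aligned and none overlap.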
